The approaches described in this section are approaches that could be pursued, but not necessarily approaches that have been previously conceived or pursued. Therefore, unless otherwise indicated, the approaches described in this section may not be prior art to the claims in this application and are not admitted to be prior art by inclusion in this section.
Transmission Control Protocol (TCP) is one of the most widely used communications protocols on the Internet. A wide variety of applications use TCP, and numerous protocols have been developed on top of it, such as the HyperText Transfer Protocol (HTTP) and the File Transfer Protocol (FTP).
There are well-known and well-studied performance issues with TCP in communications systems that include high latency links. For example, RFC 2760 “Ongoing TCP Research Related to Satellites” describes that TCP suffers from significant throughput degradation in Long Fat Networks (LFNs) and Long Thin Networks (LTNs) that are typically associated with satellite, Wireless Wide Area Networks (WWANs) and Wireless Local Area Networks (WLANs). TCP performance issues are generally attributable to the characteristic that TCP is a connection-oriented communications protocol. TCP includes an initial three-way handshake, a sliding window mechanism, variable response times, an acknowledgement for every packet and an excessive number of concurrent sessions, all of which contribute to performance degradation in high latency links. Also, in TCP, lost data has to be re-sent and errors are often mischaracterized as network congestion, which triggers TCP's slow-start congestion avoidance mechanism.
Numerous approaches have been employed to address the limitations of TCP in networks with high latency links. For example, many satellite and WWAN-based Internet Service Providers (ISPs) implement different Performance Enhancing Proxies (PEPs) that alter or proxy TCP to achieve increases in performance.
One problem with using conventional PEP techniques to address these limitations is that they require the ability to examine the IP and TCP header information contained in TCP packets. In both the transport and tunnel encryption modes of IPsec, the TCP header information is encrypted and therefore cannot be examined. In the tunnel encryption mode of IPsec, the original IP header data is also encrypted and cannot be examined. Hence, IPsec cannot be used in PEP environments. Based on the foregoing, there is a need for an approach for implementing IPsec in PEP environments and, in particular, in PEP environments that include high latency communications links.
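The header-visibility constraint described above can be illustrated as follows. This is an added example, not part of the original application: the function names ipv4 and pep_view, the addresses, the SPI value and the placeholder ciphertext are all constructed for illustration, and the protected packet is assumed to use IPsec ESP.

```python
import struct

PROTO_TCP, PROTO_ESP = 6, 50  # IANA-assigned IP protocol numbers

def ipv4(proto, payload, src, dst):
    """Build a minimal IPv4 packet (constructed sample; checksum left at 0)."""
    pack_addr = lambda a: bytes(int(x) for x in a.split("."))
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                       64, proto, 0, pack_addr(src), pack_addr(dst)) + payload

def pep_view(packet):
    """Return the fields an intermediate PEP can read from one IPv4 packet."""
    ihl = (packet[0] & 0x0F) * 4          # IP header length in bytes
    proto, body = packet[9], packet[ihl:]
    if proto == PROTO_TCP:
        # Clear-text TCP: everything a PEP needs for spoofed ACKs, window
        # scaling or connection splitting is readable.
        sport, dport, seq, ack, off_flags, window = struct.unpack(
            "!HHIIHH", body[:16])
        return {"proto": "tcp", "sport": sport, "dport": dport, "seq": seq,
                "ack": ack, "flags": off_flags & 0x1FF, "window": window}
    if proto == PROTO_ESP:
        # ESP: only the SPI and the ESP sequence number are in the clear.
        # The TCP header (and, in tunnel mode, the inner IP header) is
        # inside the ciphertext, so no TCP field can be extracted.
        spi, esp_seq = struct.unpack("!II", body[:8])
        return {"proto": "esp", "spi": spi, "esp_seq": esp_seq,
                "opaque_bytes": len(body) - 8}
    return {"proto": proto}

# Constructed sample 1: a clear-text TCP SYN to port 80.
SYN = struct.pack("!HHIIHHHH", 40000, 80, 1000, 0,
                  (5 << 12) | 0x002, 65535, 0, 0)
PLAIN = ipv4(PROTO_TCP, SYN, "192.0.2.10", "198.51.100.20")

# Constructed sample 2: the same flow under ESP. The 40 zero bytes are a
# placeholder for the encrypted payload, not real ciphertext.
CIPHERTEXT = bytes(40)
PROTECTED = ipv4(PROTO_ESP, struct.pack("!II", 0x1001, 1) + CIPHERTEXT,
                 "192.0.2.10", "198.51.100.20")

if __name__ == "__main__":
    print(pep_view(PLAIN))
    print(pep_view(PROTECTED))
```
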